Re: I-D ACTION:draft-ietf-dhc-authentication-03.txt

[Mike Carney - SunSoft Internet Engineering <mwc@atlantic.east.sun.com>]

> At 5:42 PM 11/26/96, Thomas Narten wrote:
> >>   Appendix A - Key Management Technique
> >>
> >>   To avoid centralized management of a list of random keys, suppose K for
> >>   each client is generated from the pair (client identifier, subnet
> >>   address), which must be unique to that client.  That is, K =3D MD5(MK,
> >>   unique-id), where MK is a secret master key and MD5 is some encoding
> >>   function.
> >
> >In the first paragraph, it seems to me that you don't want the subnet
> >address to be part of the computation, since that would change the key
> >if the subnet was renumbered.
> 
> Oops - of course, including the subnet number in the key means that a=
>  particular key will only be valid on one subnet.  I think we should take=
>  the subnet out of the key generation mechanism for this suggested=
>  technique, and accept the possibility of client-identifier (and, therefore,=
>  key) collisions.
> 
> - Ralph
> 
> 
> 
Yes, I agree that removing the subnet number is a good idea. BTW, I think you
should move this technique out of an appendix and into the text. The method
described here completely frees administrators from having to deal with key
management of many keys. This 'shared secret' (master key) approach is
ingenious!